A new bill that aims to limit the damages that can be awarded to privacy-defending companies after breaches of consumer data will not be put to the public before the end of the year, a major change in the way privacy law is written.
Key points:Privacy Commissioner James Purnell says the new laws will protect consumers from financial harm from loss of their privacyIf they are changed to protect companies that breach the law, the changes will be debated in ParliamentThe changes will come into effect on October 31, 2020The bill introduced by the Australian Privacy Foundation, which represents privacy-minded businesspeople, states that any breach of consumer privacy can be brought to the attention of a company in the event of a loss of personal data.
If the loss of data is substantial and has caused significant distress or anxiety, the consumer may seek redress through a consumer redress scheme (CRS) or in court.
The proposed changes would change the current legislation in the most significant way.
Under current law, breaches of privacy are considered a civil wrong and are subject to civil penalties.
The new bill will change that to make breaches of the law criminal.
It will make it a criminal offence for a person to disclose personal information that is subject to a data protection breach, unless the breach is for the sole purpose of securing the rights and interests of another.
The bill will also apply to breaches of data protection laws or the Australian Data Protection Act, which has not been changed in the last 10 years.
But the changes would apply to breach of the Australian Cybercrime Act or the Telecommunications (Interception and Access) Act 1997, which are not directly affected by the proposed changes.
Privacy Commissioner Ian Stewart says the proposed legislation is “significant” in terms of making breaches of personal privacy a criminal act.
“Privacy is the cornerstone of our democracy and our way of life,” he said.
“It’s something that I believe should be protected, but it’s also something that should be dealt with fairly.”
Under the proposed change, a breach of privacy could also be brought under the Telecommunications Act 1995, which covers breaches of communications or electronic communications.
The legislation was introduced in 1996 to protect Australians from data breaches.
It was meant to last until 2021, but changes were made to the legislation in 2013.
The change is a significant shift in the laws in a country that has seen the number of data breaches on record rise by nearly 500 per cent since 2015.
Australia is now home to more than 600 companies with more than $1 billion in assets.